Social media users were agog on 28 January 2019 about reports of a bug in Apple’s FaceTime feature, one that allows users to eavesdrop on the people they’re calling and see through their mobile phone cameras, even if the called party hasn’t answered the call. As WFAB noted of the bug:
It is activated when calling someone via FaceTime. After the phone begins to dial, swipe up to add another person to the call, and add your own phone number. The person who initiated the call is then able to hear the live audio on the other person’s phone, even though the recipient has not accepted the call. The person who received the call is given no indication that their conversation is being transmitted. In some cases, the bug can also show live video of the other person if they press a volume button to dismiss the call.
According to 9to5Mac, one of the first sites to report on the bug:
The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call.
The damage potential here is real. You can listen in to soundbites of any iPhone user’s ongoing conversation without them ever knowing that you could hear them. Until Apple fixes the bug, it’s not clear how to defend yourself against this attack either aside from disabling FaceTime altogether.
As it stands, if your phone is ringing with an incoming FaceTime request, the person on the other end could be listening in.
What we have also found is that if the person presses the Power button from the lock screen, their video is also sent to the caller — unbeknownst to them. In this situation, the receiver can now hear your own audio, but they do not know they are transmitting their audio and video back to you. From their perspective, all they can see is accept and decline.
The bug appears to be present on iPhones and iPads running iOS 12.1, and Apple PCs running macOS Mojave.
Apple released a statement confirming they had identified a fix for the problem, to be issued in a software update later in the week.
For now, iPhone users can avoid the bug by disabling FaceTime on all their devices until Apple’s software updates have been released by going into Settings, navigating to the FaceTime section, and toggling off the green FaceTime button at the top of the screen.